Commit Graph

11 Commits

Author SHA1 Message Date
Hisham Muhammad 09e241fb12 Security review: check results of snprintf.
Calls marked with xSnprintf shouldn't fail.
Abort program cleanly if any of them does.
2017-07-27 16:07:50 -03:00
Explorer09 c0e37bc5f5 Fix xStrdup debug build failure & allow Clang to use ((nonnull)) 2016-06-03 10:14:27 +08:00
Explorer09 3297616efa Add assert and __attribute__((nonnull)) on xStrdup
__attribute__((nonnull)) will help catching "calling with NULL" mistake on
compile time.

I also convert xStrdup into a macro, that will do assert() inline when the
code is *not* built with -DNDEBUG . For release builds (with -DNDEBUG),
preprocessor trick will ensure that generated code remains the same.
2016-06-02 20:38:24 +08:00
Explorer09 e288f690af Don't check if (!str) in xStrdup
This effectively reverts "Stricter strdup." 4674b4a732

If str is NULL upon the calling of strdup(), it should crash with SIGSEGV.
Just let it crash. Adding the "if (!str) fail();" code serves nothing but
bloat.
2016-06-02 18:30:18 +08:00
Hisham 4674b4a732 Stricter strdup. 2016-05-30 12:22:22 -03:00
Explorer09 7d3f67e822 Revert 5c593fae42 (xCalloc)
calloc() allows 'nmemb' or 'size' to be zero, in which case NULL may be
returned. Letting htop die because of either argument being zero doesn't
make sense.

As a side note: As size_t is unsigned, compiler should be able to optimize
conditional (nmemb > 0 && size > 0) to (nmemb && size). This theorically
shouldn't increase code size too much.
2016-03-11 10:43:31 +08:00
Hisham 807640e49b Shorten the code using the err() function. 2016-02-03 12:42:25 +00:00
Hisham 5c593fae42 Be stricter! 2016-02-03 02:02:30 +00:00
Hisham f87462d60e Exit on failure! 2016-02-02 16:03:00 +01:00
Hisham b54d2dde40 Check for failure in allocations. 2016-02-02 15:53:02 +01:00
Hisham a1f7f2869e Add allocation tests 2016-01-31 12:01:48 +01:00